[Gllug] Apache mod_ssl
ccooke
ccooke-gllug at gkhs.net
Mon Aug 9 19:48:47 UTC 2004
On Mon, Aug 09, 2004 at 06:11:43PM +0100, Richard Jones wrote:
> On Mon, Aug 09, 2004 at 05:23:23PM +0100, will wrote:
> > Doug Winter wrote:
> > >generally in real life the password is kept in a text file on the same
> > >machine, and then the password entering phase of server start up is
> > >faked using, as someone else said, some crappy perl script. that is no
> > >more secure than no password at all, so it seems much simpler just to
> > >remove the encryption completely.
> >
> > So it is more secure as long as you don't keep the password in a text
> > file on the same server then. I would aggree, it is an unlikely attack
> > on anything I am running.
>
> Or as long as someone doesn't silently break into your machine and
> install a keylogger on your sshd ... It's marginally more secure if
> you type the passphrase in on the console (goodbye remote
> administration!), but even then there are perfectly plausible ways to
> sniff keystrokes.
>
> Rich.
And that kills any hope of automated system startup, which anything but
a very small company will really want. Once you've got to that point,
you might as well give up. It's possible to script it all from a more
secure server - ssh out to the web server and start ssl from there - but
then, if someone compromises the web server they can simply wrap around
the startup scripts and get the passphrase that way.
--
Charles Cooke, Sysadmin
Say it with flowers, send a triffid.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list